Skip to content

Bug 1505266 - Validate node IP is local during sdn node initialization#17043

Merged
openshift-merge-robot merged 2 commits intoopenshift:masterfrom
pravisankar:validate-nodeip
Oct 28, 2017
Merged

Bug 1505266 - Validate node IP is local during sdn node initialization#17043
openshift-merge-robot merged 2 commits intoopenshift:masterfrom
pravisankar:validate-nodeip

Conversation

@pravisankar
Copy link

@pravisankar pravisankar commented Oct 26, 2017

@openshift-ci-robot openshift-ci-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Oct 26, 2017
@openshift-merge-robot openshift-merge-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 26, 2017
@pravisankar pravisankar added component/networking sig/networking and removed approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Oct 26, 2017
@openshift-merge-robot openshift-merge-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 26, 2017
@pravisankar
Copy link
Author

pravisankar commented Oct 26, 2017

@openshift/networking @danwinship PTAL

danwinship
danwinship suggested changes Oct 26, 2017
View reviewed changes
pkg/network/node/node.go
return nil, nil
}

if useConnTrack && c.ProxyMode != componentconfig.ProxyModeIPTables {
Copy link
Contributor

@danwinship danwinship Oct 26, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel like it's better to always log the "Initializing SDN" message... can you move things around so that happens before this? (And why did you move this before setNodeIP? Why does that matter?)

Copy link
Author

@pravisankar pravisankar Oct 26, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree, it is always good to log this msg.
This proxy check doesn't depend on computing hostname/selfIP, so I just moved that logic a bit up in this method.

pkg/network/common/common.go Outdated

for _, addr := range addrs {
if addr.IP.String() == ip {
return link, addr.IPNet, nil
Copy link
Contributor

@danwinship danwinship Oct 26, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not the same as what findEgressLink() was doing. The netlink.Addr's embedded IPNet is an IP address (eg "172.17.0.3/24"), but eip.localEgressNet is supposed to be the subnet CIDR that includes it (eg "172.17.0.0/24"). Hence the re-parsing of it (because there's no public method to directly mask the IP address form into the subnet form).

Ravi Sankar Penta added 2 commits October 26, 2017 12:06
Refactor: Move sdn node Hostname/SelfIP initialization to setNodeIP()
e1499a9 
Check proxy mode in node.New() before computing hostname/selfIP
so that we can return early in case of incompatible proxy mode error.
Bug 1505266 - Validate node IP is local during sdn node initialization
75adfb4
@pravisankar
Copy link
Author

pravisankar commented Oct 26, 2017

@danwinship Updated, PTAL

@pravisankar
Copy link
Author

pravisankar commented Oct 26, 2017

/retest

@0xmichalis
Copy link
Contributor

0xmichalis commented Oct 27, 2017

/refresh

@0xmichalis
Copy link
Contributor

0xmichalis commented Oct 27, 2017

/retest

@danwinship
Copy link
Contributor

danwinship commented Oct 27, 2017

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Oct 27, 2017
@openshift-merge-robot
Copy link
Contributor

openshift-merge-robot commented Oct 27, 2017

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: danwinship, pravisankar

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these OWNERS Files:

You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

@pravisankar pravisankar added the kind/bug Categorizes issue or PR as related to a bug. label Oct 27, 2017
@openshift-bot
Copy link
Contributor

openshift-bot commented Oct 28, 2017

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-merge-robot
Copy link
Contributor

openshift-merge-robot commented Oct 28, 2017

Automatic merge from submit-queue.

@openshift-merge-robot openshift-merge-robot merged commit f12efea into openshift:master Oct 28, 2017
@danwinship danwinship mentioned this pull request Oct 30, 2017
Merged
openshift-merge-robot added a commit that referenced this pull request Oct 31, 2017
@openshift-merge-robot
Merge pull request #17087 from danwinship/fix-cross-build
394c793 
Automatic merge from submit-queue.

Fix cross build

#17043 broke the cross build by depending on netlink from pkg/network/common. This fixes that (by just moving the new function since it wasn't needed outside of pkg/network/node anyway).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@danwinship danwinship danwinship approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@danwinship danwinship

@soltysh soltysh

@rajatchopra rajatchopra

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. component/networking kind/bug Categorizes issue or PR as related to a bug. lgtm Indicates that a PR is ready to be merged. sig/networking size/L Denotes a PR that changes 100-499 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@pravisankar @0xmichalis @danwinship @openshift-merge-robot @openshift-bot @soltysh @rajatchopra @openshift-ci-robot